Since 2001, more than 132,000 public charities and private foundations have published nearly a half-million Social Security Numbers in public filings with the IRS, putting more than 171,000 individuals at increased risk of identity fraud. Between 2001 and 2006, 18% of all non-profit organizations included at least one social security number on a Form 990.The practice of including SSNs in public tax documents is decreasing, but advocacy organizations, alumni associations, community and scholarship foundations, and private trusts have all published lists of names and social security numbers, unknowingly placing personal information permanently in the public domain. Scholarship recipients, tax professionals, employees, and donors, now face the prospect of living the rest of their lives at increased risk of identity fraud.
Despite massive security efforts in place today by large organizations, data breaches continue to occur and identity theft is on the rise. Something has to change. This paper compares the two primary prevention strategies to demonstrate the strength and value in securing Data-at-Rest and Data-in-Motion. We analyze historical research to highlight the true nature of data breaches and help you determine which strategy is right for you. In nearly every comparison, from cost to effectiveness, Data-at-Rest solutions emerge as the stronger data loss prevention strategy.
Based upon the experiences of Identity Finder hotel customers, this use case illustrates how Identity Finder DLP minimizes a hotel’s risk of data leakage and decreases PCI-DSS audit and compliance costs within a decentralized hotel network. Mid-sized to large hotel and resort chains process and store a variety of guest personal information including PCI Data (e.g., credit card information) using secure Payment and Property Management Systems (PMS). However, in the fast-paced, high-stakes world of property rental, information often leaks out of secure systems, creating a PCI-DSS compliance nightmares. Identity Finder can help.
According to the US HHS, the loss of patient data nearly doubled between 2010 and 2011 and stored data, or “data-at-rest” PHI breaches were the cause of 100% of all reported breaches in 2011; no reported healthcare breaches were due to e-mail disclosure or “data-in-motion” breaches. These problems are so pervasive that the OCR initiated a program of random, system-wide HIPAA audits on Covered Entities. To comply with HIPAA and HITECH, several healthcare systems and hospitals have implemented Identity Finder to find and protect stored PHI. This use case is based upon the actual experience of several Identity Finder customers in the healthcare industry.
The National Strategy for Trusted Identities in Cyberspace (NSTIC) is a government-coordinated, private-sector initiative to launch a nationally interoperable framework of independent federated identity systems. If implemented properly, NSTIC could improve privacy. However, this whitepaper finds that in its current form NSTIC will create new methods to commit identity theft; a false sense of control, privacy, and security among users; new ways to covertly collect users’ personal information; and new markets on which to commoditize human identity. Download the whitepaper or presentation.
- Minimize false positives and search more accurately
- Low costs w/ less training, hardware, and proserv
- Scalable from 100 to 100,000+ employees
- Search with agent, client, or agentlessly
- Comply with regulations more easily
- Centralized management and reporting